← Back to home

Privacy Policy

Last updated: June 1, 2026

1. Introduction

ZlipFlow ("we", "our", "us") provides a client portal SaaS for freelancers and creators. This Privacy Policy explains how we collect, use, store, and disclose information when you use our website and services (the "Service").

2. Information We Collect

  • Account data: name, email, password hash, profile photo, public username.
  • Project data: client names, project details, files, proposals, messages, and revisions you upload.
  • Payment data: processed by Stripe. We never store full card numbers — only the last 4 digits and transaction metadata.
  • Usage data: IP address, browser type, pages visited, and feature interactions for analytics.
  • Communications: emails you send us and notifications we send on your behalf.

3. How We Use Your Information

We use your information to operate the Service, process payments, send transactional notifications, respond to support requests, prevent fraud, and improve the product.

4. Payments

All payments are processed by Stripe, Inc. When clients pay through your portal, Stripe collects and processes their payment information under its own privacy policy. ZlipFlow receives only transaction metadata (amount, status, last 4 digits, payer email).

5. Sharing of Information

We do not sell your personal information. We share data only with vendors who help us operate the Service: Stripe (payments), Supabase (database & storage), Resend (transactional email), and Cloudflare (hosting). Each is bound by appropriate data-protection terms.

6. Data Retention

We retain account data while your account is active and for up to 90 days after deletion to satisfy legal and accounting obligations. You can request deletion at any time by emailing privacy@zlipflow.com.

7. Your Rights

Depending on your jurisdiction (e.g., GDPR, CCPA), you may have the right to access, correct, export, or delete your personal data. Contact privacy@zlipflow.com to exercise these rights.

8. Security

We use industry-standard encryption in transit (TLS) and at rest. Files are stored in access-controlled buckets with row-level security policies. No system is 100% secure — please use a strong, unique password.

9. Children

The Service is not directed to children under 16, and we do not knowingly collect data from them.

10. Changes

We may update this Policy from time to time. Material changes will be announced via email or in-product notice.

11. Contact

Questions? Email privacy@zlipflow.com.